Abstract

Presented in this chapter are two protocols: TLS (Transport Layer Security) and WTLS (Wireless Transport Layer Security), both derived from SSL. TLS arose from the need to standardize SSL, a task that the IETF accomplished by producing RFC 2246 (1999). WTLS is the Wireless Application Protocol (WAP) Forum’s approach to secure transactions in mobile networks (Wireless Application Protocol Forum, 1999). Nevertheless, numerous incompatibilities persist among implementations of SSL and TLS because of the divergence between Netscape’s implementation of SSL, which many consider the reference implementation, and the protocol specifications that Netscape wrote (Rescorla, 2001, pp. 50, 79, 89). On the other side, because of constraints on wireless communications, WTLS is, from the outset, incompatible with TLS or SSL, which necessarily reflects itself in network planning and in the administration of end-to-end security.